package com.cennavi.buss;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.alibaba.fastjson.JSONObject;
import com.cennavi.buss.service.imp.IAuthService;

@Component
public class SimpleCORSFilter implements Filter {

    @Autowired
    public IAuthService iAuthService;

    private HttpServletRequest request;

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");

        this.request = (HttpServletRequest) req;

        System.out.println(request.getContextPath());
        System.out.println(request.getRequestURI());
        System.out.println(request.getRequestURI().replace(request.getContextPath(), ""));

        String url = request.getRequestURI().replace(request.getContextPath(), "");

        if (url.indexOf("hystrix") >= 0) {
            chain.doFilter(req, res);
            return;
        }

        String digestId = req.getParameter("digestId");
        String digest = req.getParameter("digest");
        String respString = iAuthService.authorization(url, digest, digestId);

        JSONObject json = JSONObject.parseObject(respString);

        if (json == null) {
            sendJson(response);
            return;
        }

        if (json.getInteger("errcode") == 0) {
            chain.doFilter(req, res);
        } else {
            sendJson(response);
            return;
        }

    }

    public boolean sendJson(HttpServletResponse response) {
        PrintWriter writer = null;
        response.setCharacterEncoding("UTF-8");
        response.setContentType("text/html; charset=utf-8");
        JSONObject json = new JSONObject();
        try {
            json.put("errcode", -999);
            json.put("errmsg", "用户未登录或者该功能未授权");
            writer = response.getWriter();
            writer.print(json.toJSONString());
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            if (writer != null)
                writer.close();
        }
        return false;
    }

    public void init(FilterConfig filterConfig) {
    }

    public void destroy() {
    }

}